United Natural Foods Inc. (UNFI), one of the largest grocery distributors in North America and the main supplier for Amazon-owned Whole Foods, has confirmed that it was hit by a cyberattack that has disrupted its operations.
The ripple effects are now hitting grocery shelves.
The Rhode Island-based company revealed in a June 9 filing with the Securities and Exchange Commission (SEC) that it discovered “unauthorized activity” on parts of its IT network on June 5. In response, UNFI “proactively” shut down certain systems, including those used to fulfill and distribute customer orders.
“The incident has caused, and is expected to continue to cause, temporary disruptions to the Company’s business operations,” the company said in the SEC filing.
Whole Foods feels the impact
Whole Foods is already seeing the effects. A spokesperson for the grocery chain told Reuters in an email Monday that it was “working to restock our shelves as quickly as possible,” and referred further questions to UNFI.
According to TechCrunch, some Whole Foods stores have already reported empty shelves. One UNFI customer, who was trialing a new product in Whole Foods stores this week, said “much of their supply had not been delivered” and that they had not received communication from UNFI or Whole Foods about the disruption.
During its June 10 earnings call, UNFI CEO Sandy Douglas addressed the attack, stating the company is “continuing to safely bring our systems back online and restore broad-based customer service as soon as possible.” He also noted that they are “helping our customers with short-term solutions wherever possible.”
Douglas confirmed that the company is currently shipping to customers “on a limited basis.” UNFI’s external-facing systems, including those used by suppliers and customers, are still largely offline. TechCrunch reports that the company’s web platforms and VPN access are not functioning as of Tuesday.
While the nature of the cyberattack has not been publicly confirmed, many industry observers suspect ransomware may be involved. Law enforcement has been notified, and UNFI says it has brought in outside cybersecurity experts to help investigate and contain the breach.
Financial fallout and market reaction
The market reacted, and the company’s shares fell nearly 7% on Monday, closing at $25.94. UNFI is a critical link in the North American grocery supply chain. It supplies over 30,000 locations, including major chains and small retailers, and offers more than 250,000 product SKUs from over 50 distribution centers. UNFI brings in more than $30 billion in annual revenue.
Despite the disruption, UNFI is not adjusting its 2025 financial outlook, at least for now. The company reported $8.1 billion in net sales for the quarter ending May 3, 2025, but acknowledged ongoing challenges, including the end of a major grocery contract.
The investigation is still in its “early stages,” according to the SEC filing. UNFI has emphasized that actual impacts may differ from current expectations, warning that “forward-looking statements” involve risks and uncertainties.
